GitLab 17.2 - Assuring Compliance with Pipeline Execution Policies
GitLab

Published on Aug 13, 2024

The pipeline execution policy is a new type of security policy that lets users enforce generic CI jobs, scripts, and instructions.

This new policy type enables security and compliance teams to enforce:
Customized GitLab security scanning templates
GitLab or partner-supported CI templates
3rd party security scanning templates
Custom reporting rules through CI jobs
Custom scripts/rules through GitLab CI

The policy allows two modes:
Inject mode: injects jobs into the project’s CI/CD pipeline
Override mode: replaces the project’s CI/CD pipeline configuration
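
Added example (not from the video or its demo projects): a security policy project's policy file that defines one policy per mode. The key names follow the pipeline execution policy schema as documented for GitLab 17.2; the policy names, project path, file names and ref are constructed placeholders.

```yaml
# .gitlab/security-policies/policy.yml in the security policy project.
# Constructed example: every name, path, file and ref below is a placeholder.
pipeline_execution_policy:
  # Inject mode: the jobs from the included file are added to the
  # project's own CI/CD pipeline, which otherwise runs as the project defines it.
  - name: Inject compliance jobs
    description: Adds the required compliance jobs to every project pipeline.
    enabled: true
    pipeline_config_strategy: inject_ci
    content:
      include:
        - project: example-group/compliance-configurations  # placeholder path
          file: compliance-inject.yml                        # placeholder file
          ref: main

  # Override mode: the project's CI/CD pipeline configuration is replaced
  # by the included file, so only the policy's configuration runs.
  - name: Override project pipeline
    description: Replaces the project pipeline with the compliance pipeline.
    enabled: false  # disabled here so that only the inject policy is active
    pipeline_config_strategy: override_project_ci
    content:
      include:
        - project: example-group/compliance-configurations  # placeholder path
          file: compliance-override.yml                      # placeholder file
          ref: main
```

Because the included file lives in a project controlled by the security and compliance team, developers of the enforced projects cannot edit the jobs it defines.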

As with all GitLab policies, enforcement can be managed centrally by designated security and compliance team members who create and manage the policies.

OUTLINE
00:00 - Introduction
00:45 - What are Pipeline Execution Policies
01:23 - Demo Project and Compliance Pipeline Setup
02:15 - Creating and Enforcing a new Pipeline Execution Policy
03:25 - Validating the Policy
03:52 - Conclusion

USEFUL LINKS
Pipeline Execution Policy Documentation: https://docs.gitlab.com/ee/user/appli...
Security Policy Documentation: https://docs.gitlab.com/ee/user/appli...
GitLab 17.2 Release Post: https://about.gitlab.com/releases/202...
Pipeline Execution Policy Epic: https://gitlab.com/groups/gitlab-org/...

DEMO PROJECTS:
Accounting Department (Inject): https://gitlab.com/gitlab-da/tutorial...
Accounting Department (Inject) - Security policy project: https://gitlab.com/gitlab-da/tutorial...
Compliance Configurations: https://gitlab.com/gitlab-da/tutorial...

Thanks for watching! Be sure to subscribe and follow @awkwardferny and @gitlab on Twitter for similar content.
